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Abstract. In this paper, we recursively construct explicit elements of provably high order in finite fields. We 
do this using the recursive formulas developed by Elkies to describe explicit modular towers. In particular, 
we give two explicit constructions based on two examples of his formulas and demonstrate that the resulting 
elements have high order. Between the two constructions, we are able to generate high order elements in 
every characteristic. Despite the use of the modular recursions of Elkies, our methods are quite elementary 
and require no knowledge of modular curves. We compare our results to a recent result of Voloch. In order 
to do this, we state and prove a slightly more refined version of a special case of his result. 



1. Introduction 

Finding large order elements of finite fields has long been a problem of interest, particularly to cryptog- 
raphers. Given a finite field Fg, Gao |6] gives an algorithm for constructing elements of Fg^ of order greater 
than 



J^4l0gg(2l0gg re) 2^ 

The advantage of the algorithm is that it makes no restriction on q and it allows one to produce a provably 
high order element in any desired extension of Fg provided that one can find a polynomial in Fg[x] with 
certain desirable properties. Gao conjectures that for any n > 1, there exists a polynomial of degree at most 
2 logg n satisfying the conditions of his theorem. Conflitti has made some improvement to Gao's construction 
in [4]. However, the aforementioned conjecture remains unproven. Another result concerning the q "shifts" 
of an element of a general extension of Fg appears in [T^ Corollary 4.4]. 

For special finite fields, it is possible to construct elements which can be proved to have much higher 
orders. For example, in Theorems [T] and [2] of this paper we construct elements of higher order in extensions 
of Fg of the form Fg2'> and Fg3" . See [71 [11] on orders of Gauss periods and [2j [3] on Kummer extensions. 
It has been pointed out to us that the method of [2 [3] is able to produce higher order elements in the same 
extensions as our method. However, our method of construction is new, and we hope that it will prove to 
be a fruitful technique. 

In [14], Voloch shows that under certain conditions, one of the coordinates of a point on a plane curve 
must have high order. The bounds we obtain through our methods have order of magnitude similar to those 
predicted in the main theorem of [14]. In a special case however, Voloch is able to achieve bounds which are 
much better. See section 5 of [14]. Unfortunately, Voloch does not fully state this theorem and only alludes 
to how one may adapt the proof of his main theorem for this special case. The bounds given in [14] are not 
as explicit as the ones given in this paper. Moreover, Voloch gives no explicit examples of his theorems. In 
Section [6] of this paper, we apply Voloch's technique to obtain a more explicit version of the special case of 
his main theorem. We then construct a sequence of elements for which his bounds apply and compare with 
our methods. 

In this paper, we consider elements in finite field towers recursively generated according to the equations 
for explicit modular towers [5]. We give two explicit constructions: one for odd characteristic and one for 
characteristic not equal to 3. In the first case, we explicitly construct elements of Fg2n whose orders are 
bounded below by 25" +f n+ord2(9-i)-i_ in the second, we obtain elements of FgS" whose orders are bounded 
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below by 32" +ln+ord3(q 1)^ Throughout wc use the convention that exponentiation is right-associative, i.e., 

2. Constructions Arising from Modular Towers 

In [5], Elkies gives a recursive formula for the defining equations of the modular curve Xo{£") by identifying 
Xo(^") within the product (Xo(£^))" for n > 1. For several cases, he even writes explicit equations. For 
example, in the case ( = 2, the recursion is governed by the rule 

(1) 

Elkies also notices that under a suitable change of variables and a reduction modulo 3, the equation becomes 

yf+i = Vj - 

which was used by Garcia and Stichtenoth [TD] to recursively construct an asymptotically optimal function 
field tower. In fact, Elkies notes that many recursively constructed optimal towers may now be seen as 
arising from these modular curve constructions and speculates that perhaps all such towers are modular in 
this sense. 

In this paper, we use Elkies' formulas to generate high order elements in towers of finite fields. For 
example, the following construction will yield high order elements in odd characteristic. The equation ([T]) 
may be manipulated to the form f{X, Y) = 0, where 

f{X,Y) ■.= Y^ + {6-8X^)Y +{9-SX^), (2) 

and we have made the substitution X = Xj and Y — Xj^i. Now, choose q = to be an odd prime power 
such that ¥q contains the fourth roots of unity (i.e. q=l (mod 4)). Choose ao € Fq such that — 1 is not 
a square in F^. In Lemma [3] (see Section |3]), we will show that such an always exists. Finally, define q;„ 
by /(«„_!, a„) = for n>l. This construction yields the following result; where, as usual, for a prime £, 
ovdi{a) denotes the highest power of £ dividing a. 

Theorem 1. Let 6n :— a^ — 1. Then Sn has degree 2" overWq, and the order of Sn in Fq2" is greater than 
25" +2n+oid2((j-i) ii^i^legg q = 2 (mod 3) and ao = i (^^^), in which case the order of Sn is greater than 

2^n^ + ^n+ord2(g — 1) — 1 

To accommodate even characteristic, we have also considered Elkies' formula for Xo(3"). We will prefer 
to work with the equation in the polynomial form g{X,Y) — 0, where 

g{X, Y) + (6 - 9X^)Y^ + (12 - 9X^)Y + (8 - 9X^). (3) 

For this construction, choose g to be a prime power congruent to 1 modulo 3 but not equal to 4. The 
condition q = 1 (mod 3) assures the presence of the third roots of unity in F^. Choose /3o G ¥q such that 
/3q — 1 is not a cube in F^. In Lemma U (see Section [3]), we show that such a f3o always exists except when 
q — 4:. Finally, define /3„ by g(/3„_i, /3„) = for n > 1. For this construction, we have the following result. 

Theorem 2. Let 7„ := (3^ — 1. Then 7„ has degree 3" over ¥q, and the order of in F^a" is greater than 

35ri^ + |ri+ord3(g-l) 

There are two interesting things about the above constructions. The first is that, computationally, the 
elements (5„ and 7„ appear to have much higher order than our bounds suggest. See Section [7] for examples. 
The second interesting thing is that, as with the case of the optimal function field tower constructions of 
Garcia and Stichtenoth [51 [TU] arising from these modular curve recipes, our proofs do not at all exploit this 
modularity. Perhaps the key to achieving better bounds lies in this relationship. 

The paper is organized as follows. In Section [31 we will state and prove some elementary number theory 
facts that will be of use to us. In Section [4l we consider the first construction; and in Section [5l we consider 
the second. Finally, in Section [71 we give a few examples of each of the main theorems. 

2 



3. Number Theoretic Facts 

Recall the following well known fact for detecting perfect n-tli powers in finite fields. See [131 P- 81] for 
example. 

Fact 1. If q = 1 (mod n), then x € ¥* is a perfect n-th power if and only i/ a;^'?^^-'/" = 1. 

Also recall the following facts, which can be easily proved. 

Fact 2. Let a; G F* of multiplicative order d. For m,n £ N, if x" ^ I and x"™ — 1, then gcd{d, m) > 1. 

Fact 3. Let a; G F* of multiplicative order d. If £ is a prime, m — ord^(n), and x" is a nontrivial £-th root 
of unity, then divides d. 

The following lemmas are useful for bounding the orders of the elements appearing in Theorems [T] and [5] 

Lemma 1. Let e,beN such that 6=1 (mod £), and let M,N eN with AI < N . Then 

gcd (j2b'-(^-^),j2b'"^''A =(; 



T ^ ■" are coprime. 



and hence b ' ■'^ and b 
Proof. The following computation follows from Euclid's algorithm: 



gcd b'"''-'^ gcd {e, b'" (4) 



Since M < N, repeatedly using the difference of £-th. powers formula shows that X]j=i b^ ^^'^^ divides b^ —1. 
Also, since 6=1 (mod £), it is clear that £ divides both Yli\=i b^ and X]^=i b^ Therefore, 

gcd |^6^"(^-^',^6^"(^'^M =t 
i=i / 

□ 

1 ^ JV - 

Lemma 2. Let £,b, N G N with i prime and 6=1 (mod £). If p is a prime dividing — 6^ i^-J) ^ then 



p>£^+\ 



£ 



Proof. Since £ >2 and 6=1 (mod £), £? divides (6^ —1). Hence, p 7^ ^ for otherwise, we have a contradiction 
with Thus, p dividing j 6^"(^~'') implies that X]j=i 6^"*^^^-') = (mod p). So, 6^" is a nontrivial 

£-th root of unity modulo p. Therefore, by Fact[3l £^'^^ divides p — 1, and hence p > £^^^ . □ 

The following two lemmas essentially give the necessary and sufficient conditions for completing the first 
step in the construction of our towers, i.e., under certain restrictions on g, they demonstrate the existence 
of ao and /3o each having its desired property. The proofs involve counting F^ solutions to equations via 
character sums. We refer the reader to [13l Chapter 8] for more on this technique. As in j^, for characters 
■0 and A on Fq, we denote the Jacobi sum of -0 and A by J('0, A) := X]a+6=i '0(a)A(6). 

Lemma 3. Let q be a prime power. Then there exists ao G Fg such that — — 1 is not a square in ¥q 
if and only if q is odd. 



Proof. First, note that if q is even, then every element of is a square. So, we assume that q is odd. We 
desire ag G F* such that ckq — 1 is not a square. Our method for proving that such an ao exists involves 
counting solutions to the equation a;^ — = 1. Let r be the unique character of exact order 2 on F^. Then 

#{{x,y)e¥l.x'-y'^l} = ^ fE^'(«) I (E^'(-^) 

a+b=l 
1 1 

i=0 j=0 

= q + T{-l)J{T,T) =q-l. 

On the other hand, if ofQ — 1 is a square for all choices of ao, then — 1 ^ has a solution for all 
ao G Fg. In this case, we have 

#{{x,y) eWl-.x'-y' ^1} = J2 e : - "0 - 1} 

= ^ 1+ ^ 2 = 2 + 2(g-2) = 2g-2. 

Thus, the assumption that a§ — 1 is always a square leads to the conclusion q — \ = 2q — 2, which implies 
g = 1, a contradiction. □ 

Lemma 4. Let q he a prime power. Then there exists /3o G Fq such that 70 = /3o — 1 is not a cube in ¥q if 
and only if q = 1 (mod 3) and q ^ A. 

Proof. First, note that if g ^ 1 (mod 3), then every element of Fg is a cube. So, we will assume that q = l 
(mod 3). As mentioned earlier, this means that Fg contains a primitive third root of unity. We now count 
Fg solutions to the equation x^ ~ y'^ = 1. Let x be any character of order 3 on Fg. 

#{(x,2/)GF2:x3-y3 = l} = \ jlx'm\jlx\-h) 

a+b=l 
i=0 3=0 

= q-2x{-l) + J{x.x) + J{x\x^) 
= g-2 + 2ReJ(x,x)- 
On the other hand, if we assume that /3q — 1 is a cube for all choices of /3o G Fg, then 

#{(a;,y) G F^ : - ^ 1} = J] #{y e Fg : /S^ - y^ = 1} 

= ^ 1+ ^ 3 = 3 + 3(g-3) = 3^-6. 

Thus, the assumption that P^ — lis always a cube leads to the conclusion that |2q — 4| = | [iq — 6) — (g — 2) | = 
|2ReJ(x,x)l < 2^, which implies \q - 2\ < This implies that {q - l){q - 4) < 0. The only q = 1 
(mod 3) satisfying this inequality is g = 4. □ 



4. The Quadratic Tower for Odd Characteristic 

In this section, we consider the first tower, which is recursively constructed using Throughout this 
section we will assume that p is an odd prime and that q — = 1 (mod 4). In particular, if p = 3 (mod 4), 
then 2|m. As discussed in the introduction, this condition ensures the existence of a primitive fourth root 
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of unity. This will be seen to be a necessary ingredient in the construction of our tower. We also fix ao such 
that Sq = — 1 is not a square in . Recall that that Lemma [3] ensures the existence of such an ao . 

Before moving forward, we need to establish the relationship between 5„ and Sn-i- From ^ and the 
definition of 6n (see Theorem[T]), we deduce that Sn-i and 5n are related by F{dn^i,Sn) ~ {n> 1), where 

F{X,Y) ■.= Y^ - {iSX + 64:X^)Y -64:X. (5) 

We also fix the following more compact notation for the norm. We take 

For the purpose of making the proof easier to digest, we break Theorem [T] into a pair of propositions. 
Proposition 1. The elements a„ and (5„ have degree 2 over F^2"-i for n > 1. 

Proof. First note that the discriminant of /(a„_i,y) is (5„_i = ot'^-i — 1 for all n > 1. We will proceed by 
induction on n. Recall that ao was chosen so that Sq, the discriminant of /(ao, Y), is not a square in F^. Thus, 
ai satisfies an irreducible polynomial of degree 2 over F^, i.e., ai has degree 2 over ¥q. We may take {1, ai} 
as a basis for Fg(ai) over ¥q. Writing Si in terms of the basis, we have Si ~ a^ — l = (Sap — 6)ai + (Sag — 10). 
So, Si G ¥q if and only if 8a§ — 6 = 0. If 8a§ — 6 = 0, then = Q^o ~ 1 — ^4^^, which is a square in F, 
since F^ contains the fourth roots of unity. This is contrary to our choice of ao. Thus, Si has degree 2 over 
¥q as well. 

Now, suppose that a^ and Sk both have degree 2 over F^a^-i for 1 < fc < n. Then /(a„_i,y) is the 
minimum polynomial of a„ over F^2"-i ; and hence, the discriminant is not a square in F^2"-i • In particular, 

sf.r-''^'=-i. (6) 

Observe that F{Sn-i,Y) is the minimum polynomial of (5„ over F^2"-i. To prove that the degree of a„+i 
over Fg2'> is 2, we show that /(a„, F) is irreducible over F^2" . Now, 

s^f-'^/' = {s^r^^'^y "'^^'=(N„,i(5„))^''""-^^/^ 

= (-645„_i)(^'""-^)/' = -l. 

Here we have used ^ and the fact that —64 is a square in F^2"-i since ¥q contains the fourth roots of unity. 
Thus, Sn is not a square, and hence /(a„,y) is irreducible. So, the set {l,a„+i} forms a basis for F^2"+i 
over ¥q2" . Now, we write Sn+i in terms of the basis, and apply the same argument as for Si to demonstrate 
that the degree of Sn+i over F^2" is 2 as well. This completes the induction and the proof. □ 

An easy induction proof, exploiting the fact that F{Sk-i, Y) is the minimum polynomial of Sk over F^2'=-i 
for 1 < fc < n, shows that 

N„,,(5„) = (-64)(2^-i)5„_, (7) 
for I < j < n. This fact will be useful in the proof of the proposition below. 

Proposition 2. The order of Sn in F^2" is greater than 2^"^+l"+°'''i2(«-i) unless q = 2 (mod 3) and 
ao = ± {^^^) , in which case the order of Sn is greater than 2^" +|n+ord2((?-i)-i ^ 

Proof. We first compute the power of 2 dividing the order of Sn- Recall from the proof of Proposition [T] that 

Sn ^^^^ 7^ 1; but of course, Sn = 1 since Sn G F^2" . Since g = 1 (mod 4), ord2(g'^^ + 1) = 1 for each 

j > 1. Repeatedly using the difference of squares formula, we have 



ordsf^— ^) = ord2(g-l)-l + 5]ord2(g'' +1) 

= n - 1 + ord2((7 - 1). 
Thus, 2"+°^d2(g-i) divides the order of (5„ by Fact El 



Now we look for odd primes dividing the order. By Fact [H the order of S„ has a common factor with 
(q^ ^ + l)/2 for each j such that the i^-j'~^w power of (5„ is not equal to 1. By ([7]), we have that the 



(g" -1) 



power of Sn is equal to 



(g2"-^+l)/2 

provided that S^_j_^_i ^ F^2"-j ■ From ([5]), we know that we may write 5^_j^i as 

= (48<5„_, +64<5^^.)'5„-,+i +64<5„_,. 

Thus, € if and only if Sn-j satisfies the equation 485„_j + 6A5^_j — 0. If this were the case, 

then Sn-j — or in-j = — 3~^4. By Proposition [l] this implies that n ~ j. However, Sq = contradicts 
the choice of ao; and = — 4~^3 contradicts the choice of ap unless —3 is not a perfect square, that is, 
unless q = 2 (mod 3). If q = 2 (mod 3), then the only choices of ao that give Sq = — 4~-'^3 are = ± (^7^) ■ 
Thus, the order of (5„ has a common factor with {q^ ^ + l)/2 for each 1 < j < n unless q = 2 (mod 3), 
ao — ± (^^), and j = n. Each of these factors must be odd since ord2((7^" ^ + 1) = 1 as noted above. By 
Lemma [T] with £ — 2 and b ~ q, we see that these factors must be pairwise coprime as well. Hence, we get 
either n or n — 1 distinct odd prime factors dividing the order of <5„ depending on the case. By Lemma 
each such prime factor must bounded below by 2"^^+^. Therefore, the order of (5„ is bounded below by 

" 2 

2n+ord2((} — 1) 2"^J + 1 = 2"+°'''i2(g-l)+n(n+l)/2 _ 2 " 2^" +ord2(i;— 1) 

unless q = 2 (mod 3) and — ± (^^), in which case the order is bounded below by 2^"^+i"+°'''i2(9-i)-i^ 

□ 

Theorem [T] follows by combining the two propositions. The authors would like to point out that it is 
possible to achieve a slightly better lower bound for the order of (5„ by the following method. First, choose a 
square root of (5„_i, say 5n~i G F^2" . Then use the method above to prove a lower bound for the order of 
^J5n-i. Finally, deduce a bound for the order of (S„. The improvement, however, only affects the coefficient 
of n in the exponent. Since computationally our bounds do not appear to be that close to the truth, we have 
decided to work directly with (5„ instead. 

5. The Cubic Tower for Characteristic not 3 

In this section, we consider the second tower, which is recursively constructed using ([3]). Recall that, for 
this tower, we assume that q = 1 (mod 3) and q 7^ 4. This means that F^ will contain the third roots of 
unity, and hence the third roots of —1 as well. We also fix a /3o such that 70 = /Jp — 1 is not a cube in Fg. 
Recall that Lemma |4] ensures the existence of such a /3o • 

Before we begin the proof of Theorem [2l we need to establish the relationship between 7„_i and 7„. The 
relationship is given by G(7„_i,7„) = for n>l, where 

G(X, Y) := - {270X + 972X^ + 729X^)Y^ - {972X + 729X'^)Y - 729X. (8) 

This follows from ([3]) and the definition of 7„. We also fix the following notation for the norm. 

N„,, : F,3" ^ F^3"-. , 



As in sectional we break the result into two smaller propositions. 
Proposition 3. The elements /3„ and 7„ both have degree 3 over F^gn-i for n > 1. 

Proof. By carefully examining the cubic formula applied to the polynomial, one observes that g(/3„_i,y) is 
irreducible if and only if 7„_i — l3^_i — 1 is not a cube in F^gn-i . Thus, /3„ will have degree 3 over F^gn^i 
if and only if 7„_i is not a cube in F^3ti-i for all n > 1. As with the proof of Proposition [l] we proceed by 



induction on n. Recall that /3o was chosen so that 70 is not a cube in F^. Thus, /3i has degree 3 over F^. So, 
we may take {l,/3i,/3^} as a basis for F^s over F^. Writing 71 in terms of the basis, we have 

71 = - 1 = (9/33 - + (9/33 - 12) A + (9/33 - 9). 

So, 71 e Fq if and only if 9/3q —6 = and 9/3o — 12 = 0. This leads to the conclusion that 70 — —3^^ and 
7o = 3~^, which implies that 2 = 0, i.e., the characteristic is 2. In this case, we are led to the conclusion 
that 7o = 1, which is a cube. This of course is contrary to our choice of 70. Therefore, 71 ^ Fq, i.e., the 
degree of 71 over Fg is 3. This completes the trivial case. 

Now, let a; be a primitive cube root of unity in F^ and suppose that Pk and both have degree 3 over 
F^3fc-i for 1 < A; < 71. Then (7(/3„_i, Y) is the minimum polynomial of /?„ over F^3,i-i ; and hence 7,i_i is not 
a cube in F^3„-i . In particular, 

(';^""'-i)/3 

In-l 

Observe that G(7„_i, Y) is the minimum polynomial of 7„ over F^an-i . Thus, 

= =(N..,.h„))<'--'-'>" 

= (-7297..-,)<'"'" "-"'= = 1..; 

i.e., fin+i has degree 3 over F^3" . To prove that 7,1+1 also has degree 3 over Fq3'> , write 7^+1 in terms of the 
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-basis {1, Pn+i, Pn+i}i proceed as we did for 71. □ 



An easy induction proof using the fact that G{'^k-i, Y) is the minimum polynomial of 7/c over V ^^k-i for 
1 < A; < n, shows that 

N„,,(7„) = (-729)(=^'-i)7„_j 

for 1 < j < n. 

Proposition 4. The order 0/7,1 in ¥^3^ is greater than 35"^+l"+°'''^3(9~i) . 

Proof. We first compute the power of 3 dividing the order of 7,1. Recall from the proof of Proposition [3] that 
^{q -i)/3 _^ ^ However, 7.^;' — 1 since 7„ e F^3" . Since q = I (mod 3), ord3((g3^)^ + q''^ + 1) = 1 for 
each j > 1. Repeatedly using the difference of cubes formula, we have 

ordsf^— j = ord3(g-l)-l + ^ord3 Mg^') + q^' + 

= n - 1 + ord3(g - 1). 

Thus, 3«+oi-d3(9-i) divides the order of 7 by FactO 

Now, we look for primes dividing the order that are not equal to 3. In particular, we will show that the 
order of 7™ has a common factor with ((g^ + g'^ ^ + l)/3 for each 1 < j < n. This factor must not be 
a multiple of 3 since ord3((g3" + g^" ^ + 1) = 1 as noted above. By Lemma [TJ with £ — 3 and b = q, 
we see that these factors must be pairwise coprime as well. Hence, we get n distinct prime factors dividing 
the order of 7„, none of which are equal to 3. By Lemma [U each of these primes must be bounded below by 
3n-i+i^ Hence, if we can show that the order of 7„ has a common factor with {{q'^" + g^" ' + l)/3 for 
1 < j < JT-, then we have that the order of 7„ is bounded below by 

" 2 

2n+ord3(g-l) JJ^ gn-j + l _ gw+orda (g-l)+»(n+l)/2 _ g " +ord3(9-l) 

By Fact [2l the proof will be complete when we show that the — r^^-; — rr power of 6n is not equal 

{{q-' )-'+q-' ■'+l)/3 

to 1 for 1 < j < n. Now, dn raised to the 3^-3 -.1 — ^^^t — tttt power is equal to 

(N„,.i(7„))^('""^-^) = ((-729)(3^^-^'-i)7„_,.^i)3(.^"-^--i) ^ 1 



provided Jn-j+i ^ ^q:'"-^^ ■ From we know that we may write as 

73_^.+i = (2707„_, + 972-fl_^ + 7297,3_^.)7'-,+i + (9727„_, + 72972_^-)7n-,+i + 7297„_,. 

Thus, '^n-j+i ^ ^ 3"-J if oi^ly if 7«-j satisfies the system 

2707„_, + 97272_^. + 72973_^- = 0, 

9727„_, + 72972_^- = 0. 

Suppose that jn-j does satisfy the above system. If the characteristic is 2, the first equation implies that 
7„_j = 0, which is a contradiction. Suppose then that the characteristic is not 2. Solving the system, we have 
— 3^^(6 + -\/6) = 7n-j = — 3~^4, where -\/6 may be any square root of 6. This leads to the conclusion that 
30 = 0. Hence, the characteristic must be 5. By Proposition [31 we see that j = n since 7„„j = — 3~^4 e Fg. 
However, this means that 70 = 2, which is in contradiction with the choice of /3o since 2 is a perfect cube in 
this case. □ 

6. Comparison with Voloch's Work 

The following is an improvement of a result of Voloch [14, §5]. The proof is similar to the proof of the 
main theorem in |14) . but more elementary in the sense that we avoid working with algebraic function fields. 

Theorem 3. Let q be a prime power, and Zei < e, 77 < 1. For d sufficiently large, if a Cz¥q has order r and 
degree d over ¥q with r < d^^^', then a — 1 has order at least exp((l — ri)^d'^^^ log d). The degree d need 
only be large enough for the inequalities of ([9]) and ()10p to hold, which depends only on the choices of e and 
V- 

Proof. Let < e < 1 be given, and put N :— \d^^'^~\. Note that (r, q) = 1 since r divides one less than 

a power of q and g is a prime power. Also, note that the elements a"^ , < i < d ~ 1, are distinct. It 
follows that the multiplicative order of q modulo r is exactly d. For each coset F of (g) in (Z/rZ)*, we define 
Jr --^{n^N -.n mod r e F}. Note that there are [(Z/rZ)* : (q)] = (j){r)/d cosets of {q) in (Z/rZ)*. Now 



N<P{r] 



2^ \Jr\ = #{1 < < iV : gcd(n, r) = 1} = — ^ + 0(r^/i"), 
r 

where the sum is over all cosets of F in (Z/rZ)*. Thus, there exists a coset F = 7(5) such that | Jr| is at 
least the average. That is, | Jr| > ^ + 0{dr'^^^^ /<j){r)). Thus, there exists a positive constant Cg so that 

\Jr\ > ^ - >d'- c.d'^ since d < <j>{r). 

Since 7 is coprime to r, write aj + f3r — 1 and take c = a". Then a — c^ , and c has order r and 
degree at least d. Let b := a — 1. For each n ^ Jr, there exists jVi such that n = 7(7^" (mod r). Whence 
c" = cT«'" = a«'" , and so = a«'" - 1 = c" - 1. 

Now, for every / C Jr we write 6/ := nnG/('^" ~ f) = Hn g/ ^"^ ' which is a power of b. Put T — [d'/'^j , 
and observe that for d sufficiently large 

NT = \d'^-'] [d'/^] < d. (9) 

We claim that for all distinct /, /' C Jr with |/| = |/'| = T we have that 6/ 7^ bj'. Suppose that bj = 67/, 
and consider the non-zero polynomial 

Pit) ^ Hit- -1)- Hit- -1). 

Observe that p{c) = bj — bj' = 0, and so degp(t) > degj.^^ c > d. On the other hand, we have that 
degp(t) < NT < d, a. contradiction. Thus 6/ 7^ bjr as claimed. 

It follows that there are at least (''^') distinct powers of b. Choose < ry < 1. Then, for d sufficiently 
large, 

(' T ') ^ - 0'" - " ^^'""^ " - ^ '^'i'^'' '°^') ' ^''^ 

as required. □ 



In order to compare this result to Theorem [1] one may choose a = a„ to be a primitive 2"-th root of 
unity in ¥q. The degree of a over Fg will be 2"~°'''^2(g-i)_ Then, for n sufficiently large, the conditions of 
the above theorem will be satisfied. Similarly, one may choose a to be a primitive 3"-th root of unity in ¥q 
to compare with Theorem [2] 

Because of the requirement that a must have low order relative to its degree, there are many fields in 
which Theorem [3] will not apply. Furthermore, one may check that even though the bound of Theorem [3] 
will eventually dominate the bounds of Theorems [1] and O there will always be a range (in terms of n) in 
which the bounds of Theorems [1] and [2] will be larger. For example, suppose we apply Theorem[3]to the case 
mentioned above, and we maximize the bound of Theorem |3] by setting e = 1 and ry = 0. Further, suppose 
we minimize the bound of Theorem [T] by say assuming that ord2((7 — 1) = 1. Note that this will also serve to 
maximize the bound of Theorem |31 Under these assumptions, we may check that the bound of Theorem [T] 
will dominate for n < 11. However, we note that Theorem [3] does not actually apply if we choose e = 1 and 
1] — 0; and the range of n for which Theorem [T] will dominate will be larger for any appropriate choice of e 
and rj. 



7. Examples of Theorems 

In this section we provide the data from the first several iterations for five examples of the main theorems: 
three for Theorem [T] and two for Theorem [2] The tables in this section provide information about the orders 
of a„, /3„, Sn, and 7„ in relation to our bound. We have chosen to take logs of these numbers because 
of their size. For each example, we note that the actual orders are much higher than our lower bounds. 
Computations were aided by MAGMA [I]. 

For our first example of Theorem [U we choose q = 5 and ao = 2. 



Table 1. g = 5; ao = 2. 



n 


log2 |F;,„ I 


l0g2 


l0g2 \{^n)\ 


log2 (2^"'+i"+i) 


1 


4.59 


4.59 


3.00 


3.00 


2 


9.28 


9.28 


7.70 


6.00 


3 


18.6 


16.0 


17.0 


10.0 


4 


37.1 


35.6 


31.5 


15.0 


5 


74.2 


69.8 


68.6 


21.0 


6 


148. 


148. 


143. 


28.0 


7 


297. 


295. 


292. 


36.0 


8 


594. 


590. 


589. 


45.0 



For our second example of Theorem [H we choose q — 9 and uq — C, + 2, where C is a root of + 1. Note 
that, in this example, (5„ is actually primitive for each of the first eight iterations. 
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Table 2. q^9;ao=C + 2. 



n 


In?* 1 

iOg2 |*g2" 1 




iOg2 \ {(>n)\ 


10g2 \ Z ^ 2 1 " 1 


1 


6.32 


5.32 


6.32 


5.00 


2 


12.7 


10.7 


12.7 


8.00 


3 


25.4 


22.4 


25.4 


12.0 


4 


50.8 


46.8 


50.8 


17.0 


5 


102. 


96.5 


102. 


23.0 


6 


203. 


197. 


203. 


30.0 


7 


406. 


399. 


406. 


38.0 


8 


812. 


804. 


812. 


47.0 



For our final example of Theorem [TJ we choose q — 121 and ao = rf , where is a root of -\-7x + 2. 
Here, (5„ is primitive except for n = 3 and n = 7. 



Table 3. g = 121; gp = rf. 



n 


log2 |F*2i2" 1 


log2 \{an)\ 


logs 1 {5n) 1 


log2 


(^2^"'+i"+3^ 


1 


13.8 


11.8 


13.8 




5.00 


2 


27.7 


26.7 


27.7 




8.00 


3 


55.4 


50.8 


53.0 




12.0 


4 


111. 


109. 


111. 




17.0 


5 


222. 


216. 


222. 




23.0 


6 


443. 


440. 


443. 




30.0 


7 


886. 


874. 


883. 




38.0 



For our first example of Theorem [21 we choose q — 1 and /3o = 3. In this example, 7„ appears to alternate 
between being primitive and not. 



Table 4. g = 7; /gp = 3. 



n 


iog2 |f;3" I 


l0g2l(/3n)l 


log2 l(7«>l 


log2 (3^"'+i"+i) 


1 


8.42 


7.41 


5.84 


4.76 


2 


25.3 


25.3 


25.3 


9.52 


3 


75.8 


75.8 


74.2 


15.8 


4 


228. 


228. 


228. 


23.8 


5 


682. 


681. 


681. 


33.3 



For our second example of Theorem [2l we choose g = 16 and /3o = where ^ is a root of a;^ + x + 1. Note 
that here 7n is primitive for each of the first five iterations. 

10 



Table 5. g = 16; /3o = 



n 


log2 iFtesn 1 




I0g2 K7n)l 


log2 (35"'+i"+i) 


1 


12.0 


8.83 


12.0 


4.76 


2 


36.0 


31.2 


36.0 


9.52 


3 


108. 


102. 


108. 


15.8 


4 


324. 


316. 


324. 


23.8 


5 


972. 


962. 


972. 


33.3 
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